Bug 984401 (CVE-2013-4124)
| Summary: | CVE-2013-4124 samba: DoS via integer overflow when reading an EA list | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | asn, gdeschner, jlieskov, nandand1985, nsoman, sbose, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | samba-3.5.22, samba-3.6.17, samba-4.0.8 | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2014-03-17 18:18:28 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 984799, 984807, 984808, 984809, 993043, 1018046, 1073350, 1073351 | ||
| Bug Blocks: | 952520, 974906, 984402 | ||
Description
Huzaifa S. Sidhpurwala
2013-07-15 07:03:22 UTC
Support for Extended Attributes (EA) is disabled by default in the versions of samba package shipped with Red Hat Enterprise Linux 5 and 6.
As per the smb(5) man page:

"This boolean parameter controls whether smbd(8) will allow clients to attempt to store OS/2 style Extended attributes on a share. In order to enable this parameter the underlying filesystem exported by the share must support extended attributes (such as provided on XFS and EXT3 on Linux, with the correct kernel patches). On Linux the filesystem must have been mounted with the mount option user_xattr in order for extended attributes to work, also extended attributes must be compiled into the Linux kernel.

Default: ea support = no"
External References: http://www.samba.org/samba/security/

Upstream patches:
http://gitweb.samba.org/?p=samba.git;a=commitdiff;h=b4bfcdf921aeee05c4608d7b48618fdfb1f134dc (against v4.0.7)
http://gitweb.samba.org/?p=samba.git;a=commitdiff;h=efdbcabbe97a594572d71d714d258a5854c5d8ce (against v3.6.16)
http://gitweb.samba.org/?p=samba.git;a=commitdiff;h=6ef0e33fe8afa0ebb81652b9d42b42d20efadf04 (against v3.5.21)

Created samba tracking bugs for this issue:
Affects: fedora-all [bug 993043]

Other references:
http://www.samba.org/samba/history/samba-3.5.22.html
http://www.samba.org/samba/history/samba-3.6.17.html
http://www.samba.org/samba/history/samba-4.0.8.html

samba-4.0.8-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.

samba-4.0.8-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.

Hello, want to know whether this patch is released for version 3.0.33 or do we need to wait for the fix. Thank you

The paranoia checks are still present in 3.0.33.

This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2013:1310 https://rhn.redhat.com/errata/RHSA-2013-1310.html

Statement: (none)

Hello All, is there any ETA for the update to version Samba-3.0.33-3.39_el5_8? Thanks in advance.
Thank you, Nandan

This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:1542 https://rhn.redhat.com/errata/RHSA-2013-1542.html

This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:1543 https://rhn.redhat.com/errata/RHSA-2013-1543.html

This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2014:0305 https://rhn.redhat.com/errata/RHSA-2014-0305.html
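The summary above describes the flaw as an integer overflow while reading an EA list. As an added illustration, not Samba's code or the upstream patch, the following reader walks an EA list whose entry layout is assumed to follow FILE_FULL_EA_INFORMATION (4-byte next-entry offset, flags byte, name length byte, 2-byte value length, NUL-terminated name, then the value) and checks every field against the bytes remaining rather than adding it to the running offset, so a crafted offset can neither wrap nor pin the loop on one entry; the sample buffers are constructed.

```c
#include <stdint.h>
#include <stddef.h>

/* Little-endian field readers. */
static uint32_t rd32(const uint8_t *p) { return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24); }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Count the entries of an EA list, or return -1 if it is malformed.
 * Entry layout (assumed, after FILE_FULL_EA_INFORMATION): u32 next_entry_offset,
 * u8 flags, u8 name_len, u16 value_len, name[name_len + 1] (NUL-terminated), value.
 * Bounds are tested as "field > remaining", never "offset + field > len", so no
 * addition can wrap and drive the loop past the buffer or back over itself. */
int count_ea_entries(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;
    for (;;) {
        size_t remaining = len - off;
        if (remaining < 8) return -1;                  /* fixed header does not fit */
        uint32_t next = rd32(buf + off);
        size_t name_len = buf[off + 5];
        size_t value_len = rd16(buf + off + 6);
        if (name_len + 1 > remaining - 8) return -1;
        if (value_len > remaining - 8 - (name_len + 1)) return -1;
        if (buf[off + 8 + name_len] != 0) return -1;     /* name must be NUL-terminated */
        count++;
        if (next == 0) return count;                    /* zero marks the last entry */
        /* The next entry must start after this one and inside the buffer: a short
         * offset would re-read the same bytes forever, a huge one would wrap. */
        if (next < 8 + name_len + 1 + value_len || next > remaining) return -1;
        off += next;
    }
}

/* Constructed sample lists (not captured traffic); entry 1 is 14 bytes long. */
static const uint8_t ea_good[] = {
    14,0,0,0, 0, 2, 3,0, 'a','b',0, 'x','y','z',   /* next = 14 */
     0,0,0,0, 0, 1, 1,0, 'c',0, 'v'               /* next = 0: last entry */
};
static const uint8_t ea_wrap[] = {                   /* next = 0xFFFFFFF0 */
    0xF0,0xFF,0xFF,0xFF, 0, 2, 3,0, 'a','b',0, 'x','y','z', 0,0,0,0, 0, 1, 1,0, 'c',0, 'v'
};
static const uint8_t ea_short[] = {                  /* next = 4: inside entry 1 */
    4,0,0,0, 0, 2, 3,0, 'a','b',0, 'x','y','z', 0,0,0,0, 0, 1, 1,0, 'c',0, 'v'
};
```

Passing a truncated length for `ea_good` is rejected as well, since the second header no longer fits in the remaining bytes.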